Kansas State University


IT News

Why you need to secure your home wireless network

Recent news out of Minnesota caught my attention and underscores the need for people to secure wireless networks at home. Barry Ardolf is accused of tapping into his neighbor’s home wireless network and sending a threatening e-mail to Vice President Joe Biden, making it appear to have come from his neighbor. As if that’s not enough, he also is alleged to have sent sexually explicit e-mails to his neighbor’s co-worker; sent child porn to his neighbor’s boss; set up a MySpace page in his neighbor’s name and posted child porn on it; used fake e-mail accounts set up in his neighbor’s name; and stole personal identity information.

Presumably none of us have neighbors like Ardolf, but I assure you many of us have neighbors who wouldn’t hesitate to use your wireless network if you make it easy for them. And default settings on common wireless routers do just that.

Here are five steps you should take to securely configure your home wireless network:

  1. Use strong encryption. Use “WPA2” encryption, which most new wireless routers support, rather than WEP since the latter is too weak and easily cracked (although WEP is better than nothing). Be sure to remember the encryption password, though — write it down and save it in a secure location.
  2. Change the default “SSID”. The “Service Set IDentifier” is the name of your wireless network, and common default values are “linksys” and “NETGEAR”. Change it so people can’t guess its value, which is required to access the wireless network.
  3. Do not broadcast the SSID. If you change the default SSID and prevent the wireless router from advertising its value, people will not be able to discover your wireless network. You can then give the SSID only to the people you want to allow to use your wireless network.
  4. Add a strong password to the administrator account on the wireless router so people can’t connect to it and change its configuration. Many routers come with no password or a simple one like “admin”. Change it to a value that only you know, and make sure you don’t forget it! You can write it down along with the encryption key and store it in a safe place.
  5. Restrict access to specific computers, which is usually done by specifying their “MAC address”. Every wireless interface has a unique MAC address (aka “hardware address”), and any good wireless router allows you to restrict access to specific MAC addresses. Use Google to find instructions on how to determine the MAC address for your particular computer and operating system.

Consult the documentation that came with your wireless router to learn how to implement these security features. The FTC’s OnGuard Online Wireless Security website also has good information, including tutorials on how to do many of the configuration changes in the above list for popular home wireless routers.

Taking these steps makes it more difficult for someone visiting your house to use your wireless network, but the security benefit far outweighs the inconvenience. So please go home now and make these changes… and be nice to your neighbors. 🙂

About Harvard Townsend (harv@ksu.edu)

Chief Information Security Officer